package cn.lml.lession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;


@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	private final static Logger logger = LoggerFactory.getLogger(SecurityConfig.class);

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable().authorizeRequests()
			.antMatchers("/css/**", "/img/**", "/js/**").permitAll()// 访问：/home
			//.antMatchers("/hello/*").hasRole("READ")	//登陆后之后拥有READ角色才可以访问/hello方法
			//.anyRequest().authenticated() // 其他所有资源都需要认证，登陆后访问
		.and()
			.formLogin()
			.loginPage("/login.html") // 指定登录页是”/login.html”
			.loginProcessingUrl("/login") // 登录接口(POST)
			.permitAll() 
			//.defaultSuccessUrl("/user/yidenglu") 
			.defaultSuccessUrl("/index.html") 
			.failureUrl("/login.html?error")
			.usernameParameter("username")
			.passwordParameter("pwd")
		.and()
			.logout()
			.logoutSuccessUrl("/user/yituichu") // 退出登录后的默认网址是”/home”
			.permitAll().invalidateHttpSession(true);
		// .and()
		// .rememberMe()//登录后记住用户，下次自动登录,数据库中必须存在名为persistent_logins的表
		// .tokenValiditySeconds(1209600);
	}



	
}